VPN feature request

Advanced feature discussion, beta programs and unsupported "Labs" features.
7 posts Page 1 of 1
by brandycoke » Tue Jun 20, 2017 10:52 am
Hi there, I'd like to see if you guys are open to the idea of more ways to connect Sonic's VPN, i.e. IPSec or IKEv2, instead of just OpenVPN. Thanks!
by danielg4 » Tue Jun 20, 2017 12:49 pm
You know, they've always offered Cisco IPsec. The OpenVPN is a relatively recent addition.
by brandycoke » Tue Jun 20, 2017 3:47 pm
According to their website, "The Cisco VPN client is being deprecated"

https://wiki.sonic.net/wiki/VPN_Service ... _client.3F

This is all I can tell, not even sure if it's till working.

Actually, I'm looking for a way to keep the connection but use it when I want, with my non-von connections at the same time.

Even with OpenVPN, I believe I can do this if they use "tap" instead of "tun". In this case I can just point my connection to it when needed.
by danielg4 » Tue Jun 20, 2017 4:28 pm
brandycoke wrote:According to their website, "The Cisco VPN client is being deprecated"

https://wiki.sonic.net/wiki/VPN_Service ... _client.3F

This is all I can tell, not even sure if it's till working.
Just prior to posting the above, I tried it to see whether it still worked, and it did, both Standard and Enhanced.
Actually, I'm looking for a way to keep the connection but use it when I want, with my non-von connections at the same time.

Even with OpenVPN, I believe I can do this if they use "tap" instead of "tun". In this case I can just point my connection to it when needed.
You have that backwards, because "tap" forwards an entire network interface, not just a connection over it like "tun" does. All modern VPN's use a "tun" device.
by brandycoke » Tue Jun 20, 2017 5:19 pm
You have that backwards, because "tap" forwards an entire network interface, not just a connection over it like "tun" does. All modern VPN's use a "tun" device.
Interesting. In my case, I have another VPN service that uses tap and I can keep it connected and use only when I want (i.e. curl --interface tap0 ), but Sonic's connection (tun) takes over entirely. If it's not too much trouble, can you point me how to achieve the same goal using Sonic?

Thanks very much!
by danielg4 » Tue Jun 20, 2017 6:37 pm
There should be no reason you can't "curl --interface tun0"; just arrange the routing table the way you want:
https://community.openvpn.net/openvpn/w ... ectGateway
by brandycoke » Tue Jun 20, 2017 6:55 pm
Adding "route-noexec" seems does the trick. Thanks a lot for your time!
7 posts Page 1 of 1

Who is online

In total there are 27 users online :: 0 registered, 0 hidden and 27 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: No registered users and 27 guests